paperlined.org
apps
>
windows
>
ActiveDirectory
document updated 13 years ago, on May 10, 2011
Is there a way for a computer to join an ActiveDomain without permission? I want to be able to clone a machine that's already on the network (that I'll take off the network before its clone joins).
script that automates the join process
(it requires the admin password though)
djoin.exe, a tool to do offline domain joins
quote:
"The password of a Machine Trust Account acts as the shared secret for secure communication with the domain controller. This is a security feature to prevent an unauthorized machine with the same NetBIOS name from joining the domain, participating in domain security operations, and gaining access to domain user/group accounts."
unattended.xml
can be used to automate the joining to a domain
UnsecureJoin!
MachinePassword
details about the LSA secrets
... I'm not sure if this is related or not?
quote:
"When you join a computer to a domain, a
computername
$ account is created, and a password is shared between the computer and the domain. By default, this password is changed every 30 days"
details about laptops losing their domain membership
... is this related to the
computername
$'s password?